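/**
 * Returns the effective permissions with wildcard resources expanded into the
 * concrete resource names reported by {@code JMXUtils.queryNames}.
 *
 * <p>Each wildcard entry is removed from the map and replaced by one entry per
 * matching resource. When a matching resource already has an entry (an explicit
 * grant, or the expansion of another wildcard), the permission values are merged
 * instead of overwritten. Previously the wildcard's values replaced the existing
 * entry, so an explicit grant was silently dropped whenever a wildcard matched the
 * same resource. The result could also depend on the order of overlapping wildcards.
 *
 * @return map of resource name to the permissions held on that resource
 */
public Map<String, Permission> getFlatPermissions() {
    Map<String, Permission> xPerms = getAllPermissions();
    // Iterate over a snapshot: the map itself is modified while wildcards are expanded.
    List<Permission> snapshot = new ArrayList<Permission>(xPerms.values());
    for (Permission candidate : snapshot) {
        if (!candidate.isWildcard()) {
            continue;
        }
        xPerms.remove(candidate.getResource());
        List<String> matched = JMXUtils.queryNames(candidate.getResource());
        for (String resource : matched) {
            // Build a fresh Permission so the objects handed back by getAllPermissions()
            // and the wildcard's own value set are never mutated by the merge.
            Permission merged = new Permission(resource);
            Permission existing = xPerms.get(resource);
            if (existing != null) {
                for (Permission.Value value : existing.getPermissions()) {
                    merged.addPermission(value);
                }
            }
            for (Permission.Value value : candidate.getPermissions()) {
                merged.addPermission(value);
            }
            xPerms.put(resource, merged);
        }
    }
    logger.trace("getFlatPermissions.exit; returning: {}", xPerms);
    return xPerms;
}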
/**
 * Grants a single permission value on a resource, creating the resource's
 * entry in the permissions map when none exists yet.
 *
 * @param resource the resource to grant permission on
 * @param permission the permission to add into the entity permissions map
 * @return the result of {@code Permission.addPermission}: true if the permission
 *         has been added, false otherwise
 */
public boolean addPermission(String resource, Permission.Value permission) {
    Permission held = permissions.get(resource);
    if (held != null) {
        return held.addPermission(permission);
    }
    // First grant on this resource: register an empty Permission, then add the value to it.
    Permission created = new Permission(resource);
    permissions.put(resource, created);
    return created.addPermission(permission);
}
/**
 * Builds a resource-to-string view of this entity's permissions map.
 *
 * <p>Only the entries of the {@code permissions} field are rendered here;
 * included roles are not traversed by this method.
 *
 * @return a new map from resource name to the string form of its permissions
 */
public Map<String, Object> getFlatPermissions() {
    Map<String, Object> rendered = new HashMap<String, Object>(permissions.size());
    for (String resource : permissions.keySet()) {
        Permission held = permissions.get(resource);
        rendered.put(resource, held.getPermissionsAsString());
    }
    return rendered;
}
/**
 * Revokes a permission value from a resource.
 *
 * <p>Passing {@code null} as the permission removes the resource's whole entry.
 * Otherwise the single value is removed, and the entry is dropped from the map
 * once it holds no more values.
 *
 * @param resource the resource to revoke permission from
 * @param permission the permission to remove from the entity permissions map,
 *        or {@code null} to remove every permission on the resource
 * @return true if the permission has been removed, false otherwise
 *         (including when the resource has no entry)
 */
public boolean removePermission(String resource, Permission.Value permission) {
    Permission held = permissions.get(resource);
    if (held == null) {
        return false;
    }
    if (permission == null) {
        permissions.remove(resource);
        return true;
    }
    boolean removed = held.removePermission(permission);
    // Do not keep an empty entry around after its last value is revoked.
    if (removed && held.isEmpty()) {
        permissions.remove(resource);
    }
    return removed;
}
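/**
 * Collects the permissions of the named role and of every role it includes,
 * directly or transitively, merging them into {@code xPerms} keyed by resource.
 *
 * <p>Values for the same resource are unioned into a Permission object created
 * here, so the Permission instances held by the cached roles are not modified.
 * A role name that is not present in the role cache contributes nothing.
 *
 * <p>Role inclusion is walked with a visited set. Nothing visible in this method
 * rules out a role that includes itself directly or through other roles, and
 * without the guard such a configuration recurses until the stack overflows.
 *
 * @param xPerms the map that receives the merged permissions
 * @param roleName the name of the role to start from
 */
protected void getRecursivePermissions(Map<String, Permission> xPerms, String roleName) {
    collectRolePermissions(xPerms, roleName, new java.util.HashSet<String>());
}

/** Merges one role's permissions into {@code xPerms}, visiting each role name at most once. */
private void collectRolePermissions(Map<String, Permission> xPerms, String roleName,
        java.util.Set<String> visited) {
    // add() returns false when the name was already visited: a cycle or a shared
    // included role. Skipping it is safe because merging is an idempotent union.
    if (!visited.add(roleName)) {
        return;
    }
    Role role = getRoleCache().get(roleName);
    if (role == null) {
        return;
    }
    for (String included : role.getIncludedRoles()) {
        collectRolePermissions(xPerms, included, visited);
    }
    for (Permission granted : role.getPermissions().values()) {
        Permission merged = xPerms.get(granted.getResource());
        if (merged == null) {
            merged = new Permission(granted.getResource());
            xPerms.put(granted.getResource(), merged);
        }
        for (Permission.Value value : granted.getPermissions()) {
            merged.addPermission(value);
        }
    }
}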
/**
 * Serializes a Permission: the resource name as a UTF string first,
 * then the permission values as a single object.
 *
 * @param out the stream to write to
 * @param xPerm the permission to serialize
 * @throws IOException if writing to the stream fails
 */
@Override
public void write(ObjectDataOutput out, Permission xPerm) throws IOException {
    String resource = xPerm.getResource();
    out.writeUTF(resource);
    // The value collection is written as one object after the resource name.
    out.writeObject(xPerm.getPermissions());
}
/**
 * {@inheritDoc}
 *
 * <p>Indexes the given permissions by resource name. If two permissions carry
 * the same resource, the later one replaces the earlier one in the result.
 */
@Override
public Map<String, Permission> unmarshal(Permissions xdmPerms) throws Exception {
    Map<String, Permission> byResource = new HashMap<String, Permission>();
    for (Permission entry : xdmPerms.permissions()) {
        String resource = entry.getResource();
        byResource.put(resource, entry);
    }
    return byResource;
}
/**
 * Deserializes a Permission: reads the resource name as a UTF string,
 * then the permission values as a single object.
 *
 * @param in the stream to read from
 * @return the reconstructed Permission
 * @throws IOException if reading from the stream fails
 */
@Override
@SuppressWarnings("unchecked")
public Permission read(ObjectDataInput in) throws IOException {
    String resource = in.readUTF();
    // Unchecked cast: the element type of the set is not verified here, so a
    // stream carrying a different object only fails later, where the values are used.
    // NOTE(review): confirm that only trusted peers can produce this stream.
    Set<Permission.Value> values = (Set<Permission.Value>) in.readObject();
    return new Permission(resource, values);
}
/**
 * Creates a permission on the given resource holding the listed values.
 *
 * @param resource the resource name
 * @param permissions the permission values granted on the resource; each one is
 *        passed to {@code addPermission} in the order given
 */
public Permission(String resource, Value... permissions) {
    this.resource = resource;
    for (int i = 0; i < permissions.length; i++) {
        addPermission(permissions[i]);
    }
}
|| methodName.equals("isInstanceOf") || methodName.equals("isRegistered") || methodName.equals("queryMBeans") || methodName.equals("queryNames")) && xPerm.hasPermission(Permission.Value.read)) { if (methodName.startsWith("setAttribute") && xPerm.hasPermission(Permission.Value.modify)) { if (methodName.equals("invoke") && xPerm.hasPermission(Permission.Value.execute)) {
/**
 * Looks up the entity's permission values on one resource.
 *
 * <p>Only the map returned by {@code getEntity().getPermissions()} is consulted,
 * with an exact match on the resource name.
 *
 * @param resource the name of the resource to look up
 * @return the permission values as an array, or an empty array when the entity
 *         has no entry for the resource
 */
@ManagedOperation(description="Returns access permission for the named Resource")
@ManagedOperationParameters({
    @ManagedOperationParameter(name = "resource", description = "A name of the Resource to return")})
public String[] getResourcePermissions(String resource) {
    Permission held = getEntity().getPermissions().get(resource);
    return held == null ? new String[0] : held.getPermissionsAsArray();
}
/**
 * Deserializes a Role.
 *
 * <p>Reads the common entity fields through {@code readEntity}, then the name,
 * the description, the permission list and the set of included role names, in
 * that order. The permission list is indexed by resource name before the Role
 * is built.
 *
 * @param in the stream to read from
 * @return the reconstructed Role
 * @throws IOException if reading from the stream fails
 */
@Override
@SuppressWarnings("unchecked")
public Role read(ObjectDataInput in) throws IOException {
    // Read order is significant; presumably it mirrors the matching write method (not shown here).
    Object[] header = super.readEntity(in);
    String roleName = in.readUTF();
    String roleDescription = in.readUTF();
    // Unchecked casts: element types are not verified at read time.
    List<Permission> permissionList = (List<Permission>) in.readObject();
    Set<String> includedRoles = (Set<String>) in.readObject();

    Map<String, Permission> byResource = new HashMap<String, Permission>(permissionList.size());
    for (Permission entry : permissionList) {
        byResource.put(entry.getResource(), entry);
    }
    return new Role(
            (int) header[0],
            (Date) header[1],
            (String) header[2],
            byResource,
            includedRoles,
            roleName,
            roleDescription);
}
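/**
 * Checks whether an entity holds the given permission on a schema, either
 * directly or through any role it includes, directly or transitively.
 *
 * <p>At each level two resource keys are tried: the one naming the schema and
 * the {@code name=*} wildcard key. Included roles are then searched in turn.
 *
 * <p>Included roles are walked with a visited set. Nothing visible here rules
 * out roles that include each other, and without the guard a failed check over
 * such a configuration recurses until the stack overflows. Skipping a visited
 * role cannot hide a grant: its own permissions were already tested, and a
 * successful test returns immediately.
 *
 * @param test the user or role whose permissions are examined
 * @param schemaName the schema name to check access to
 * @param check the permission value required
 * @return true when the permission is held, false otherwise (never null)
 */
private Boolean checkSchemaPermission(PermissionAware test, String schemaName, Permission.Value check) {
    return checkSchemaPermissionVisited(test, schemaName, check, new java.util.HashSet<String>());
}

/** Recursive worker for the check; {@code visitedRoles} holds the role names already examined. */
private boolean checkSchemaPermissionVisited(PermissionAware test, String schemaName,
        Permission.Value check, java.util.Set<String> visitedRoles) {
    // The schema name is only concatenated into a map key; the lookup is an exact match.
    String[] resources = {
        "com.bagri.db:name=" + schemaName + ",type=Schema",
        "com.bagri.db:name=*,type=Schema"
    };
    for (String resource : resources) {
        Permission perm = test.getPermissions().get(resource);
        if (perm != null && perm.hasPermission(check)) {
            return true;
        }
    }

    for (String role : test.getIncludedRoles()) {
        // add() returns false for a role that was already examined on this check.
        if (!visitedRoles.add(role)) {
            continue;
        }
        Role xdmr = roles.get(role);
        if (xdmr != null && checkSchemaPermissionVisited(xdmr, schemaName, check, visitedRoles)) {
            return true;
        }
    }
    return false;
}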
/**
 * Deserializes a User.
 *
 * <p>Reads the common entity fields through {@code readEntity}, then the login,
 * the password, the active flag, the permission list and the set of included
 * role names, in that order. The permission list is indexed by resource name
 * before the User is built.
 *
 * @param in the stream to read from
 * @return the reconstructed User
 * @throws IOException if reading from the stream fails
 */
@Override
@SuppressWarnings("unchecked")
public User read(ObjectDataInput in) throws IOException {
    // Read order is significant; presumably it mirrors the matching write method (not shown here).
    Object[] header = super.readEntity(in);
    String userLogin = in.readUTF();
    // NOTE(review): the password travels through this stream as a plain String. Whether it is
    // already hashed at this point cannot be determined from this method; confirm, and keep
    // the value out of logs.
    String userPassword = in.readUTF();
    boolean isActive = in.readBoolean();
    // Unchecked casts: element types are not verified at read time.
    List<Permission> permissionList = (List<Permission>) in.readObject();
    Set<String> includedRoles = (Set<String>) in.readObject();

    Map<String, Permission> byResource = new HashMap<String, Permission>(permissionList.size());
    for (Permission entry : permissionList) {
        byResource.put(entry.getResource(), entry);
    }
    return new User(
            (int) header[0],
            (Date) header[1],
            (String) header[2],
            byResource,
            includedRoles,
            userLogin,
            userPassword,
            isActive);
}
/**
 * Exposes the role's effective permissions as JMX composite data.
 *
 * <p>The permissions are gathered by {@code getRecursivePermissions(Map, String)}
 * starting from {@code entityName}. Each one is then rendered to its string form.
 *
 * @return composite data built by {@code JMXUtils.mapToComposite} from the
 *         resource-to-permission-string map
 */
@ManagedAttribute(description="Returns effective Role permissions, recursivelly")
public CompositeData getRecursivePermissions() {
    Map<String, Permission> effective = new HashMap<String, Permission>();
    getRecursivePermissions(effective, entityName);

    Map<String, Object> rendered = new HashMap<String, Object>(effective.size());
    for (String resource : effective.keySet()) {
        rendered.put(resource, effective.get(resource).getPermissionsAsString());
    }
    return JMXUtils.mapToComposite(entityName, "permissions", rendered);
}
/**
 * Exposes the user's effective permissions as JMX composite data.
 *
 * <p>The permissions come from {@code getAllPermissions()}; each one is
 * rendered to its string form.
 *
 * @return composite data built by {@code JMXUtils.mapToComposite} from the
 *         resource-to-permission-string map
 */
@ManagedAttribute(description="Returns effective User permissions, recursivelly")
public CompositeData getRecursivePermissions() {
    Map<String, Permission> effective = getAllPermissions();

    Map<String, Object> rendered = new HashMap<String, Object>(effective.size());
    for (String resource : effective.keySet()) {
        rendered.put(resource, effective.get(resource).getPermissionsAsString());
    }
    return JMXUtils.mapToComposite(entityName, "permissions", rendered);
}